New tool combats phishing phrenzy

A UK internet security firm has produced a new weapon to combat the threat of phishing attacks. The Netcraft Toolbar gives details of websites, so that users can tell if they are actually what they claim to be.

"If you're on a site that claims to be US Bank, but it's being hosted from Brunei or Russia then it's unlikely to be legitimate," said Paul Mutton, internet services developer at Netcraft. "A lot of information will be available through the toolbar, it's like a large neighbourhood watch scheme. We will also block known phishing sites."

Users will be able to determine the hosting location, country, longevity and how many times any website has been visited. Currently a Microsoft Internet Explorer version is available but Netcraft expect a to release the toolbar for Firefox within two months. A similar tool, known as Spoofstick, is available from US firm Corestreet. It details spoofed websites but does not give information on unknown sites.

The news comes on the back of a recent SC Magazine investigation that highlighted banks and financial institutions could do more to combat the threat of phishing attacks. Sender Policy Framework, a method of email authentication, has been widely rejected by nearly all major firms apart from American Express.

And phishing in general appears to be on the increase. The Anti-phishing Working Group and internet security firm Websense have just released figures indicating that phishing attacks rose by 29 per cent from September to November last year.